top of page
stroutsis2.JPG
stroutsis1.JPG

How is cybercrime different from traditional crime?

​

No physical, geographic boundaries.

Speed of crimes conducted.

Larger pool of potential victims.

Less effort by perpetrators.

Reconnaissance made easier.

Ease of access to information.

Proper security in todays computer world is a necessity and cyber incidents are the leading risk to businesses in the US in 2020.

Cybersecurity Information

COVID 19 is expected to increase spending in Cybersecurity

Who is vulnerable?

Financial institutions and banks
• Internet service providers
• Pharmaceutical companies
• Government and defense agencies
• Contractors to various government agencies
• Multinational corporations
• AKA Anyone and Everyone!

Protecting Data
 

One of the most valuable assets is data
• Without data, an organization loses its record of transactions and/or its ability to deliver
value to its customers
• An effective information security program is
essential to the protection of the integrity
and value of the organization’s data

Malicious Software Dissemination

Computer Virus
Code attached to carriers
Worms
Self replicating code
Trojan Horses
Embedded within another program
Spyware
Used to monitor computer actions
Botnet
Collection of compromised computers

New Frontiers in Cybersecurity

AI security such as adversarial machine learning
ï‚—Blockchain technology
ï‚—Socio technical aspects of cryptocurrencies
ï‚—Privacy aware computing
ï‚—Homomorphic encryption
ï‚—Cryptographic obfuscation
ï‚—Cryptographic applications in cloud computing and IoT security
ï‚—Post quantum cryptography
ï‚—Security and privacy in online social networks
ï‚—Security and privacy in fog/edge computing
ï‚—
New human centric cybersecurity solutions

Security as Science

Cyber Security Requirements/Challenges

Security mechanisms >> more than a particular
algorithm or protocol
Little benefit from security investment if NO a security concern
Strong security >> an impediment to efficient and user
friendly operation

Standards

The Internet society (ISOC)
Internet Architecture Board (IAB)
Internet Engineering Task Force (IETF)
Internet Engineering Steering Group (IESG)
National Institute of Standards and Technology (NIST)
National Security Agency (NSA)
Federal Information Processing Standards (FIPS)

Security as Art
Business Needs First,
Technology Needs Last

  • Dealing with technology designed to perform at high levels of performance.

  • Specific conditions cause virtually all actions that occur in computer systems.

  • Almost every fault, security hole, and systems malfunction is a result of the interaction of specific hardware and software.

  • If the developers had sufficient time, they could resolve and eliminate these faults. 

  • No hard and fast rules nor are there many universally accepted complete solutions.

  • No magic user’s manual for the security of the entire system. 

  • Complex levels of interaction between users, policy, and technology controls. 

Information security performs four important functions for an organization:

  • Protects the organization’s ability to function.

  • Enables the safe operation of applications implemented on the organization’s IT systems.

  • Protects the data the organization collects and uses.

  • Safeguards the technology assets in use at the organization.

What is Security

To be free from danger

The quality or state of being secure - to be protected from adversaries.
 

A successful organization should have multiple layers of security in place:
– Physical security
– Personal security
– Operations security
– Communications security
– Network security

​

With the level of complexity in today’s information systems, the implementation of information security has often been described as a combination of art and science.

bottom of page